a3b1fd213f742b0a08fda9782809ee1c_JaffaCakes118 | Triage

Sharing

General

Target

a3b1fd213f742b0a08fda9782809ee1c_JaffaCakes118
Size

142KB
MD5

a3b1fd213f742b0a08fda9782809ee1c
SHA1

73e97f29656b01a36b447ab40b1477b2c379bec3
SHA256

2362cb0106ed9166092b235213dfe6a0cffffa6d8c0e3a422aff98c14933bfd9
SHA512

839960793bf80112dfb44f5421eb2ea57c6a2d0d96c5437be0c68f150315ee46b21c2e87680326497c2ddbc44e09daed88dc069430437032b59f6d5387f76c69
SSDEEP

3072:VP4DHs4sVa2UYazLITDvOdqjZn9wj3dFbpq9c7oq:mDMFrNWdqFKdlZ7j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3b1fd213f742b0a08fda9782809ee1c_JaffaCakes118

Files

a3b1fd213f742b0a08fda9782809ee1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

739cf4b246570638dc5d8728db079f94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
LoadLibraryA
GetProcAddress

user32

TranslateMessage
DispatchMessageA
GetMessageA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ